What is GPG13 and how do I get GPG13 compliance? Protective Monitoring, also known as Good Practice Guide 13, or GPG13, is a UK government recommended set of people and business processes and technology to improve company risk profiles.
Essentially, a Protective Monitoring solution will provide visibility and an understanding of who is accessing...

A protective monitoring solution essentially requires you to invest in a Security Information & Event Management Solution (SIEM).
Most SIEM tools will be able to implement a successful Protective Monitoring solution, however there are some considerations that should be taken in to account, as described below:
* Does your SIEM have built in reports...

Each of the Protective Monitoring Controls has an obligation to record specific information. The level of audit and accounting requirements will depend on the specific Recording Profile of the data.
Within GPG13 there are four Recording Profiles, which roughly map to the to the HMG Information Assurance Standard no.1 Segmentation Model.
The Segmentation...